inet: Add __inet6_scopeid_pton function [BZ #20611]

__inet6_scopeid_pton implements strict validation of numeric scope IDs. Use it in getaddrinfo and __res_vinit.
author: Florian Weimer <fweimer@redhat.com> 2016-09-15 15:46:30 +0200
committer: Florian Weimer <fweimer@redhat.com> 2016-09-15 15:46:30 +0200
commit: 80d8cb91dee8bdcc4e430b3e2620d95f89b1ee0b (patch)
tree: 3a0f59d773e165332cc67d89f2e8ef181d5b49fd /inet
parent: a0a9b6e376b75c07b4f65f270f008ce035bbf536 (diff)
5 files changed, 231 insertions, 2 deletions
diff --git a/inet/Makefile b/inet/Makefile
index 2207b93977..1c30932997 100644
--- a/inet/Makefile
+++ b/inet/Makefile
@@ -44,13 +44,15 @@ routines := htonl htons		\
 	    getaliasent_r getaliasent getaliasname getaliasname_r \
 	    in6_addr getnameinfo if_index ifaddrs inet6_option \
 	    getipv4sourcefilter setipv4sourcefilter \
-	    getsourcefilter setsourcefilter inet6_opt inet6_rth
+	    getsourcefilter setsourcefilter inet6_opt inet6_rth \
+	    inet6_scopeid_pton
 
 aux := check_pf check_native ifreq
 
 tests := htontest test_ifindex tst-ntoa tst-ether_aton tst-network \
 	 tst-gethnm test-ifaddrs bug-if1 test-inet6_opt tst-ether_line \
-	 tst-getni1 tst-getni2 tst-inet6_rth tst-checks tst-sockaddr
+	 tst-getni1 tst-getni2 tst-inet6_rth tst-checks tst-sockaddr \
+	 tst-inet6_scopeid_pton
 
 include ../Rules
 
diff --git a/inet/Versions b/inet/Versions
index 56eb274634..6f663f3648 100644
--- a/inet/Versions
+++ b/inet/Versions
@@ -85,5 +85,8 @@ libc {
     # functions used in other libraries
     __internal_endnetgrent; __internal_getnetgrent_r;
     __internal_setnetgrent;
+
+    # Used from nscd.
+    __inet6_scopeid_pton;
   }
 }
diff --git a/inet/inet6_scopeid_pton.c b/inet/inet6_scopeid_pton.c
new file mode 100644
index 0000000000..aa37392771
--- /dev/null
+++ b/inet/inet6_scopeid_pton.c
@@ -0,0 +1,63 @@
+/* Convert an IPv6 scope ID from text to the internal representation.
+   Copyright (C) 2016 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#include <net-internal.h>
+
+#include <ctype.h>
+#include <errno.h>
+#include <locale.h>
+#include <net/if.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdlib.h>
+
+/* Parse SOURCE as a scope ID for ADDRESS.  Return 0 on success and -1
+   on error.  */
+internal_function int
+__inet6_scopeid_pton (const struct in6_addr *address, const char *scope,
+                      uint32_t *result)
+{
+  if (IN6_IS_ADDR_LINKLOCAL (address)
+      || IN6_IS_ADDR_MC_LINKLOCAL (address))
+    {
+      uint32_t number = __if_nametoindex (scope);
+      if (number != 0)
+        {
+          *result = number;
+          return 0;
+        }
+    }
+
+  if (isdigit_l (scope[0], _nl_C_locobj_ptr))
+    {
+      char *end;
+      unsigned long long number
+        = ____strtoull_l_internal (scope, &end, /*base */ 10, /* group */ 0,
+                                   _nl_C_locobj_ptr);
+      if (*end == '\0' && number <= UINT32_MAX)
+        {
+          *result = number;
+          return 0;
+        }
+    }
+
+  __set_errno (EINVAL);
+  return -1;
+}
+
+libc_hidden_def (__inet6_scopeid_pton)
diff --git a/inet/net-internal.h b/inet/net-internal.h
new file mode 100644
index 0000000000..961d1f715b
--- /dev/null
+++ b/inet/net-internal.h
@@ -0,0 +1,30 @@
+/* Network-related functions for internal library use.
+   Copyright (C) 2016 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#ifndef _NET_INTERNAL_H
+#define _NET_INTERNAL_H 1
+
+#include <arpa/inet.h>
+#include <stdint.h>
+
+int __inet6_scopeid_pton (const struct in6_addr *address,
+                          const char *scope, uint32_t *result)
+  internal_function attribute_hidden;
+libc_hidden_proto (__inet6_scopeid_pton)
+
+#endif /* _NET_INTERNAL_H */
diff --git a/inet/tst-inet6_scopeid_pton.c b/inet/tst-inet6_scopeid_pton.c
new file mode 100644
index 0000000000..f9f541e30a
--- /dev/null
+++ b/inet/tst-inet6_scopeid_pton.c
@@ -0,0 +1,131 @@
+/* Tests for __inet6_scopeid_pton.
+   Copyright (C) 2016 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+#include <arpa/inet.h>
+#include <inttypes.h>
+#include <net-internal.h>
+#include <net/if.h>
+#include <stdio.h>
+#include <stdlib.h>
+
+/* An interface which is known to the system.  */
+static const char *interface_name;
+static uint32_t interface_index;
+
+/* Initiale the variables above.  */
+static void
+setup_interface (void)
+{
+  struct if_nameindex *list = if_nameindex ();
+  if (list != NULL && list[0].if_index != 0 && list[0].if_name[0] != '\0')
+    {
+      interface_name = list[0].if_name;
+      interface_index = list[0].if_index;
+    }
+}
+
+/* Convert ADDRESS to struct in6_addr.  */
+static struct in6_addr
+from_string (const char *address)
+{
+  struct in6_addr addr;
+  if (inet_pton (AF_INET6, address, &addr) != 1)
+    {
+      printf ("error: inet_pton (\"%s\") failed\n", address);
+      exit (1);
+    }
+  return addr;
+}
+
+/* Check a single address were we expected a failure.  */
+static void
+expect_failure (const char *address, const char *scope)
+{
+  struct in6_addr addr = from_string (address);
+  uint32_t result = 1234;
+  if (__inet6_scopeid_pton (&addr, scope, &result) == 0)
+    {
+      printf ("error: unexpected success for %s%%%s\n",
+              address, scope);
+      exit (1);
+    }
+  if (result != 1234)
+    {
+      printf ("error: unexpected result update for %s%%%s\n",
+              address, scope);
+      exit (1);
+    }
+}
+
+/* Check a single address were we expected a success.  */
+static void
+expect_success (const char *address, const char *scope, uint32_t expected)
+{
+  struct in6_addr addr = from_string (address);
+  uint32_t actual = expected + 1;
+  if (__inet6_scopeid_pton (&addr, scope, &actual) != 0)
+    {
+      printf ("error: unexpected failure for %s%%%s\n",
+              address, scope);
+      exit (1);
+    }
+  if (actual != expected)
+    {
+      printf ("error: unexpected result for for %s%%%s\n",
+              address, scope);
+      printf ("  expected: %" PRIu32 "\n", expected);
+      printf ("  actual:   %" PRIu32 "\n", actual);
+      exit (1);
+    }
+}
+
+static int
+do_test (void)
+{
+  setup_interface ();
+
+  static const char *test_addresses[]
+    = { "::", "::1", "2001:db8::1", NULL };
+  for (int i = 0; test_addresses[i] != NULL; ++i)
+    {
+      expect_success (test_addresses[i], "0", 0);
+      expect_success (test_addresses[i], "5555", 5555);
+
+      expect_failure (test_addresses[i], "");
+      expect_failure (test_addresses[i], "-1");
+      expect_failure (test_addresses[i], "-99");
+      expect_failure (test_addresses[i], "037777777777");
+      expect_failure (test_addresses[i], "0x");
+      expect_failure (test_addresses[i], "0x1");
+    }
+
+  if (interface_name != NULL)
+    {
+      expect_success ("fe80::1", interface_name, interface_index);
+      expect_success ("ff02::1", interface_name, interface_index);
+      expect_failure ("::", interface_name);
+      expect_failure ("::1", interface_name);
+      expect_failure ("ff01::1", interface_name);
+      expect_failure ("2001:db8::1", interface_name);
+    }
+
+  return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
author	Florian Weimer <fweimer@redhat.com>	2016-09-15 15:46:30 +0200
committer	Florian Weimer <fweimer@redhat.com>	2016-09-15 15:46:30 +0200
commit	80d8cb91dee8bdcc4e430b3e2620d95f89b1ee0b (patch)
tree	3a0f59d773e165332cc67d89f2e8ef181d5b49fd /inet
parent	a0a9b6e376b75c07b4f65f270f008ce035bbf536 (diff)